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Top Stories 

• Three men were charged in connection to an alleged cyber-attack against several U.S. 
financial institutions that allowed the suspects to steal the personal information of more 
than 100 million customers. - Wall Street Journal (See item 3) 

• Iowa officials reported that 2 tracks near Danville were out of service November 9 after 2 
locomotives and 21 rail cars derailed when a coal train struck a road grader. - Associated 
Press (See item 9 ) 

• A 5-alarm fire November 9 at the abandoned Paterson Armory in New Jersey prompted the 
closure of several schools in the Paterson Public School district November 10. -NJ.com 
(See item 20 ) 

• Comcast announced November 9 that it will reset passwords for roughly 200,000 
customers after a package of personal data was listed for sale on a Dark Web site. - 
Washington Post (See item 24 ) 
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Energy Sector 



1. November 9, U.S. Attorney’s Office, Southern District of Texas - (New York) Bronx 
man charged in oil futures fraud scheme. A Bronx man was indicted November 9 for 
an alleged fraud scheme where he misled investors out of more than $1.5 million by 
falsely representing that he operated a commodity poll which invested in oil futures 
contracts. The suspect would pay returns to investors with money received from other 
investors and use funds received for personal expenses. 

Source: https://www.fbi.gov/houston/press-releases/2015/bronx-man-charged-in-oil- 
futures-fraud-scheme 



Chemical Industry Sector 

Nothing to report 

Nuclear Reactors, Materials, and Waste Sector 

Nothing to report 

Critical Manufacturing Sector 

2. November 9, Associated Press; Evansville Courier & Press - (Indiana) Indiana 
regulators issue safety order against Tell City foundry where worker was burned. 
Waupaca Foundry in Tell City was issued a safety order and $20,000 in proposed fines 
following an investigation by the Indiana Department of Labor which found that the 
foundry was not following safety procedures and had insufficient barricades following 
a July 17 incident where an employee was injured. The company implemented 
corrective actions following the incident. 

Source: 

http://www.tribtown.com/view/story/e3b7b03d2d094cd6afl6a4d60aae656a/IN— 
Foundry- Injury-Regulators 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

3. November 10, Wall Street Journal - (International) Charges announced in J.P. 
Morgan hacking case. A Federal indictment was unsealed November 10 against three 
men in connection to an alleged massive cyber-attack against J.P. Morgan Chase & 
Co., and several other U.S. financial institutions that allowed the suspects to steal the 
personal information of more than 100 million customers by hacking into the financial 
institutions’ systems and stealing customer information to carry out a stock- 
manipulation scheme. The defendants would artificially inflate stock prices and send 
spam emails to customers to trick them into buying stocks. 

Source: http://www.wsi.com/articles/prosecutors-announce-charges-in-connection- 



- 2 - 



with-j -p-morgan-hack- 1 447 1 69646 



For another story, see item 1 

Transportation Systems Sector 

4. November 10, Associated Press - (Florida) Suspicious bag at Miami Airport causes 
50 flight delays. Officials reported that 2 security checkpoints were closed, a total of 
50 flights were delayed, and 9 flights were diverted at Miami International Airport 
November 9 while authorities investigated a suspicious bag. The FBI questioned the 
passenger and searched the bag, which was deemed safe. 

Source: http://abcnews.go.com/US/wireStorv/suspicious-bag-miami-airport-50-flight- 
delavs-35094306 

5. November 10, KTLA 5 Los Angeles - (California) 1 killed, 4 injured in three-car 
crash on 405 Freeway in Orange County. Three lanes of 405 Freeway in Irvine were 
shut down for more than 2 hours while Orange County officials investigated a 3-vehicle 
accident that killed 1 person and injured 4 others November 10. 

Source: http://ktla.com/20 15/11/10/1 -killed-4-inj ured-in-three-car-crash-on-405 - 
freeway-in-orange-county/ 

6. November 10, News 13 Central Florida - (Florida) 2 dead, 3 hurt in SR-417 crash 
after reported armed robbery. State Route 417 from Lake Mary Boulevard to State 
Route 434 in Seminole County was shut down for approximately 5 hours November 9 
while crews responded to a single-vehicle accident that killed two people and injured 
three others. 

Source: 

http : //www.mynew s 1 3 . com/content/new s/cfne w s 1 3/news/article .html/content/ne w s/arti 
cies/cfn/2015/1 1/9/sr 417 shut down aft.html 

7. November 10, WGHP 8 High Point - (North Carolina) Plane makes emergency 
landing at Charlotte airport. An American Airlines plane with 98 passengers and 5 
crew members, headed to Dallas-Fort Worth International Airport from Raleigh- 
Durham International Airport made an emergency landing in Charlotte, North Carolina, 
November 10 due to a possible mechanical issue. American Airline officials worked to 
determine whether passengers will continue on the same aircraft or board a new aircraft 
for the remainder of their trip. 

Source: http://mvfox8.eom/2015/l 1/10/plane-makes-emergency-landing-at-charlotte- 
airport/ 

8. November 10, WTVD 11 Durham - (North Carolina) Train derailment blocks Wilson 
County road. Officials in Wilson County reported November 10 that both directions of 
NC-581 were shut down for approximately 1 1 hours while crews work to remove a 
CSX train that derailed 3 train cars and spilled coal onto the roadway. No injuries were 
reported and the cause of the derailment is under investigation. 

Source: http://abc 1 1 .com/traffic/train-derailment-blocking-wilson-county- 
road/1077126/ 
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9. November 9, Associated Press - (Iowa) Coal cars derailed when train hits road 
grader in Iowa. Des Moines County officials reported that two tracks near Danville 
were out of service while crews worked to clean spilled coal and repair damages 
November 9 after 2 locomotives and 21 rail cars derailed when a coal train struck a 
road grader used to make repairs on nearby U.S. Highway 34. 

Source: http://koin.com/ap/coal-cars-derailed-when-train-hits-road-grader-in-iowa/ 

10. November 9, WGAL 8 Lancaster - (Pennsylvania) Fiery crash kills everyone in car, 
state police say. Southbound lanes of Interstate 81 at mile marker 12 in Guilford 
Township in Fran kl in County were shut down for more than 7 hours November 9 while 
crews cleared the scene of fiery accident and police investigated after a vehicle struck a 
deer on the southbound lanes, became disabled, and was rear-ended by a second 
vehicle. All passengers in the first car were killed and the driver of the second vehicle 
was taken to an area hospital with moderate injuries. 

Source: http://www.wgal.com/news/fatal-crash-shuts-down-portion-of-i81/36338348 

Food and Agriculture Sector 

11. November 10, KOLO 8 Reno - (Nevada) E. coli outbreak in Washoe County. The 
Washoe County Health District confirmed 8 cases of E. coli in the county November 10 
tied to The Twisted Fork Restaurant in Damonte Ranch. Officials are investigating the 
source of the outbreak and stated that the bacterium is associated with the same 
bacterium that made consumers sick in Washington and Oregon. 

Source: http ://w w w .kolotv .com/home/headlines/E-Coli-Outbreak-In- W ashoe-County- 
344214992.html 

12. November 9, WMTW 8 Poland Spring - (Maine) Maine farm recalls milk. Sandy 
River Farm in Farmington issued a recall November 9 for its whole milk products after 
routine testing showed that the milk was improperly pasteurized and could have 
allowed pathogens to survive. The products were sold at the Sandy River Farm Market 
and Tranten’s of Main Street. 

Source: http://www.wmtw.com/health/maine-farm-recalls-milk/36343796 

13. November 9, U.S. Food and Drug Administration - (National) Zenobia Company 
LLC. recalls Ground Flax Seed Meal because of possible health risk. Yonkers, New 
York-based Zenobia Company EEC issued a nationwide recall November 9 for its 
Ground Flax Seed Meal products sold through online mail orders after a supplier 
discovered that the products may be contaminated with Salmonella. 

Source: http://www.fda.gov/Safety/Recalls/ucm47 1 870.htm 

14. November 9, U.S. Food and Drug Administration - (National) Inaffit, LLC issues 
voluntary nationwide recall of Natureal due to undeclared sibutramine. Bethesda, 
Maryland-based Inaffit, LLC issued a recall November 9 for all lots of its Natureal light 
green and dark green capsule products after laboratory testing found that the products 
contain sibutramine, an appetite suppressant that was removed from the U.S. market 
due to increased health risks. 

Source: http://www.fda.gov/Safety/Recalls/ucm471921 .htm 
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15. November 9, U.S. Food and Drug Administration - (National) Brett Anthony Foods 
issues allergy alert on undeclared chestnuts in Whole Foods Brand Wild 
Mushroom Soup sold in Illinois, Indiana, Michigan, Missouri, Minnesota and 
Nebraska stores. Elk Grove Village, Illinois-based Brett Anthony Foods issued a 
recall for 109 Whole Foods branded Wild Mushroom Soup products packaged in 24 
ounce cups and sold at Whole Foods Markets in 6 States after an employee discovered 
that the products contained undeclared chestnuts. 

Source: http://www.fda.gov/Safety/Recalls/ucm471929.htm 

Water and Wastewater Systems Sector 

Nothing to report 

Healthcare and Public Health Sector 

16. November 10, WHTM 27 Harrisburg - (Pennsylvania) Penn State Hershey warns 
2,300 patients of infection risk. Penn State Milton Hershey Medical Center in 
Pennsylvania notified 2,300 patients who had open-heart surgery at the medical center 
between November 201 1 - November 2015 that they may have been exposed to a rare 
bacteria after 3 patients at WellSpan York Hospital had infections linked to heart 
bypass machines with heater-cooler devices. The medical center stated that there have 
been no confirmed cases and replaced all of its heater-cooler devices November 8 as a 
precaution. 

Source: http://abc27.com/2015/ll/10/penn-state-hershev-wams-2300-patients-of- 
infection-risk/ 



Government Facilities Sector 

17. November 10, KDVR 31 Denver - (Colorado) Thornton school closed for hazmat 
cleanup in nearby home. Tarver Elementary School in Thornton was evacuated and 
classes were dismissed November 9 due to chemicals found in a nearby home during a 
suicide investigation. The school will remain closed November 10 while HAZMAT 
crews work to remove the potentially dangerous chemicals and clear the scene. 

Source: http ://kdvr. com/20 15/11/1 0/thomton- school-closed-for-hazmat-cleanup-in- 
nearby-home/ 

18. November 10, U.S. Environmental Protection Agency - (Virginia) EPA settlement 
with NASA resolves environmental violations at Goddard Space Flight Center. 

The U.S. Environmental Protection Agency announced November 10 that the National 
Aeronautics and Space Administration (NASA) will pay $50,660 in a settlement to 
resolve alleged allegations that the agency violated the Clean Air Act and Resource 
Conservation and Recovery Act at its Goddard Space Flight Center in Wallops Island, 
Virginia. The agency used inadequate packaging and labelling of universal wastes and 
failed to obtain the proper certification and permits for fuel oil and sulfur content, 
among other violations. 

Source: 

http://vosemite.epa.gov/opa/admpress.nsf/8b770facf5edf6fl85257359003fb69e/d349cb 
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19. November 10, NJ.com - (New Jersey) 5-alarm fire in century-old Paterson Armory 
closes several schools. Paterson Public School district announced that a 5-alarm fire 
November 9 at the abandoned Paterson Armory in New Jersey prompted the closure of 
New Roberto Clemente, Roberto Clemente, Eastside High School, School 11, School 
15, and Madison Early Learning Center November 10. 

Source: http://www.ni.eom/passaic-county/index.ssf/2015/l 1/5- 
alarm fire in paterson closes several nearby sch.html 

20. November 9, WBZ 4 Boston - (Massachusetts) Boston Arts Academy students 
exposed to hydrochloric acid. Boston Arts Academy in Massachusetts was briefly 
evacuated November 9 after 25 students complained of headaches and nausea and were 
transported to an area hospital after they were exposed to hydrochloric acid in a 
classroom that did not ventilate properly. Fire crews aired out the building and classes 
resumed. 

Source: http://boston.cbslocal.eom/2015/l 1/09/boston-arts-academy-hydrochloric-acid- 

2 L 

21. November 9, KYTV 3 Springfield - (Missouri) School bus crash sends 7 Lebanon 
students and driver to hospital. A November 9 accident involving a Lebanon School 
District bus caused seven students and the bus driver to be transported to an area 
hospital with injuries after the driver swerved to avoid an animal on Highway MM near 
Laclede County. 

Source: http://www.kv3.com/news/local/four-students-iniured-in-school-bus-crash-in- 
laclede-county/2 1048998 36342080 

Emergency Services Sector 

Nothing to report 

Information Technology Sector 

22. November 10, Securityweek- (International) Flaw in Linux encryption ransomware 
exposes decryption key. Researchers at Bitdefender discovered a flaw in the 

Linux. Encoder 1 ransomware in its advanced encryption standard (AES) key generation 
process that revealed the libc rand() function, seeded with the current system timestamp 
during encryption, allows the retrieval of the AES key without having to decrypt the 
malware by paying the attackers for a RSA public key. The security firm released a 
decryption tool that automatically restores encrypted files previously attacked by 
Linux. Encoder 1. 

Source: http://www.securityweek.com/flaw-linux-encrvption-ransomware-exposes- 
decryption-key 

23. November 9, Securityweek - (International) Remote code execution flaw found in 
Java app servers. Researchers from FoxGlove Security released a report addressing 
deserialization vulnerabilities in Java applications including Oracle WebLogic, IBM 
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WebSphere, and Jenkins, among other products that can be remotely exploited for 
arbitrary code due to poor coding via Java library Apache Commons Collections that is 
used for more than 1,300 projects. A Java deserialization library and a report were 
released to secure applications from malicious actors and educate developers on how to 
avoid such flaws. 

Source: http://www.securityweek.com/remote-code-execution-flaw-found-iava-app- 
servers 



For additional stories, see items 3 and 24 

Internet Alert Dashboard 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

24. November 9, Washington Post - (National) Comcast says it’s not to blame after 
200,000 user accounts were put up for the sale online. Comcast announced 
November 9 that it will reset passwords for roughly 200,000 customers after a package 
of personal data, including the e-mail addresses and passwords, was listed for sale for 
$1,000 on a Dark Web site. The company reported it was not hacked and that its 
systems and apps were not compromised and held unsuspecting customers responsible 
for visiting malware-laden sites or fallen victim to other schemes that allowed hackers 
to obtain their data. 

Source: https://www.washingtonpost.com/news/the-switch/wp/2015/ll/09/comcast- 
savs-its-not-to-blame-after-200000-accounts-were-illegally-put-up-for-sale/ 

Commercial Facilities Sector 

25. November 9, Richmond Times Dispatch - (Virginia) Two men, one from Chester, 
accused of planning to shoot up or bomb churches and synagogues. Richmond 
officials reported that two men, associated with a white supremacy group, were charged 
for conspiracy to possess firearms after having been convicted of felonies, and another 
man charged with conspiracy to commit robbery November 9 after an undercover FBI 
investigation revealed that the men allegedly outlined plans to rob and kill a local 
silver/jewelry dealer, rob an armored car, and inflict harm on a gun store owner in an 
attempt to allegedly shoot or bomb churches and synagogues. 

Source: http://www.richmond.com/news/local/crime/article 7d8c76b3-5dd9-5365- 
a2c3-f0ac9682a989.html 

26. November 9, WBNG 12 Binghamton - (New York) Businesses evacuated after gas 
leak in Binghamton. A number of businesses in Binghamton reopened several hours 
after a gas leak was found in the area November 9, which prompted crews to report to 
the scene to repair cracks found in a 3-inch gas line in the basement of a furnishings 



- 7 - 



store. 

Source: http://www.binghamtonhomepage.com/news/local-news/downtown- 
businesses-evacuated-after-gas-leak 



Dams Sector 



Nothing to report 




NTAS 



NO ACTIVE ALERTS 
www.DHS.gov/alerts 



Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailvReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 



- 9 - 




